Go to the documentation of this file.
63 static int g_dns_query_buffer_id = 0;
67 int list_id, uint32_t local_id)
79 if (SCDnsTxGetQueryName(txv,
false, local_id, &data, &data_len) == 0) {
106 "dns request query");
int DetectSignatureSetAppProto(Signature *s, AppProto alproto)
#define SIGMATCH_INFO_STICKY_BUFFER
SigTableElmt * sigmatch_table
int DetectBufferSetActiveList(DetectEngineCtx *de_ctx, Signature *s, const int list)
main detection engine ctx
void DetectBufferTypeSupportsMultiInstance(const char *name)
#define SIG_FLAG_TOCLIENT
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
int DetectBufferTypeGetByName(const char *name)
void DetectAppLayerMultiRegister(const char *name, AppProto alproto, uint32_t dir, int progress, InspectionMultiBufferGetDataPtr GetData, int priority, int tx_min_progress)
#define SIG_FLAG_TOSERVER
void InspectionBufferSetupMultiEmpty(InspectionBuffer *buffer)
setup the buffer empty
#define SCReturnPtr(x, type)
#define DETECT_CI_FLAGS_SINGLE
void InspectionBufferSetupMulti(InspectionBuffer *buffer, const DetectEngineTransforms *transforms, const uint8_t *data, const uint32_t data_len)
setup the buffer with our initial data
uint8_t DetectEngineInspectGenericList(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
Do the content inspection & validation for a signature.
void DetectDnsQueryRegister(void)
Registration function for keyword: dns_query.
InspectionBuffer * InspectionBufferMultipleForListGet(DetectEngineThreadCtx *det_ctx, const int list_id, const uint32_t local_id)
for a InspectionBufferMultipleForList get a InspectionBuffer
void DetectAppLayerInspectEngineRegister(const char *name, AppProto alproto, uint32_t dir, int progress, InspectEngineFuncPtr Callback, InspectionBufferGetDataPtr GetData)
Registers an app inspection engine.
void DetectBufferTypeSetDescriptionByName(const char *name, const char *desc)